New data on blockchain security from SlowMist shows a sharp rise in total losses in 2025, even as the number of reported incidents fell across major networks.
Fewer incidents but higher losses in 2025
Blockchain security incidents led to losses of approximately $2.935 billion across 200 separate events in 2025, according to a new report by cybersecurity firm SlowMist. However, the financial damage jumped 46% compared to the previous year, even though incidents declined from 410 in 2024.
This divergence between incident count and monetary losses suggests that attacks are becoming more efficient and targeted. Moreover, the report highlights growing sophistication among professionalized hacker groups, including actors with alleged North Korean links, alongside evolving crypto money laundering techniques.
Ethereum, BSC and Solana bear the brunt of platform losses
Ethereum recorded the highest losses among major blockchain ecosystems, with incidents causing $254 million in damages during 2025. That figure puts Ethereum significantly ahead of other networks in terms of direct financial impact, reinforcing its status as a prime target for attackers.
By comparison, BSC followed with reported losses of $21.93 million, while Solana suffered $17.45 million in damages. Moreover, Arbitrum was also listed among the affected platforms, accounting for $17.10 million in losses. This distribution indicates that established, high-volume networks remain at the center of attacker focus.
Methodology and hidden impact behind headline numbers
SlowMist stressed that the true scale of losses probably exceeds the reported figures. The report calculates damage based on token prices at the time each incident took place, which may understate or overstate current values as markets move.
In addition, individual user losses were excluded from the analysis. That said, SlowMist noted that unreported hacks, private settlements, and undisclosed breaches mean the overall impact on investors and protocols is likely higher than the documented $2.935 billion. The firm outlined these limitations when releasing its 2025 Blockchain Security & AML Annual Report through official channels.
DeFi incidents dominate case numbers
Decentralized finance protocols accounted for 126 incidents in 2025, representing 63% of all reported cases. These DeFi-related events generated combined losses of $649 million, underlining that complex financial primitives remain an attractive arena for attackers.
According to the report, many DeFi incidents hinged on smart contract vulnerabilities and sophisticated exploit strategies. Moreover, the data provides an implicit defi incidents overview in which protocol complexity, composability, and rapid innovation continue to challenge traditional security practices.
Centralized exchanges see fewer hacks but far larger losses
Centralized exchanges experienced a comparatively small number of cases but suffered disproportionately higher losses. Only 22 incidents hit centralized platforms throughout 2025. However, the resulting damage reached a substantial $1.809 billion, vastly outweighing the DeFi total.
The largest single event was the Bybit breach, which alone accounted for $1.46 billion of losses. This concentration of damage in one high-profile incident illustrates how a single successful attack on a major exchange can dominate annual loss statistics and reshape perceptions of risk.
Key attack vectors and emerging criminal services
The SlowMist report identifies two dominant attack vectors across the 2025 data set. Smart contract exploits were responsible for 56 incidents, while account compromises totaled 50 separate cases. Together, these categories formed the core of the year’s major security failures.
Furthermore, SlowMist noted that many operations increasingly rely on ransomware-as-a-service and malware-as-a-service. This industrialization of cybercrime lowers the technical barrier for attackers and, in the view of the authors, magnifies systemic blockchain security risks across both DeFi and centralized platforms.
Regulatory response and cross-border challenges
Global regulators have stepped up enforcement in response to the evolution of blockchain-enabled crime. Authorities are more frequently freezing assets, tracing flows across chains, and coordinating with private security firms such as SlowMist.
However, the report underscores persistent obstacles in cross-border coordination and asset recovery. Differences in legal frameworks, jurisdictional limits, and the speed of on-chain fund movements all hinder timely intervention, even as policy efforts accelerate.
Outlook for security in digital asset markets
Looking ahead, the 2025 data points to a maturing but still vulnerable ecosystem. Established networks like Ethereum, major centralized exchanges, and complex DeFi protocols remain prime targets as attackers refine tools and exploit paths.
In summary, the SlowMist findings show that while the total number of incidents fell sharply from 410 in 2024 to 200 in 2025, financial losses surged to $2.935 billion. This widening gap between frequency and impact suggests that robust risk management, better code auditing, and stronger operational controls will be essential for participants across the digital asset landscape.